Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3 |
|
#
39ed0745 |
| 24-May-2020 |
Bernd Edlinger |
Remove OPENSSL_ia32cap overrides in various test scripts The removed override was: OPENSSL_ia32cap=~0x200000200000000 which disables AESNI codepaths and PCLMULQDQ (useful for ghash).
Remove OPENSSL_ia32cap overrides in various test scripts The removed override was: OPENSSL_ia32cap=~0x200000200000000 which disables AESNI codepaths and PCLMULQDQ (useful for ghash). It is unclear why this was done, but it probably just hides bugs. [extended tests] Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16693)
show more ...
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|
#
a763ca11 |
| 14-Jan-2021 |
Matt Caswell |
Stop disabling TLSv1.3 if ec and dh are disabled Even if EC and DH are disabled then we may still be able to use TLSv1.3 if we have groups that have been plugged in by an external provid
Stop disabling TLSv1.3 if ec and dh are disabled Even if EC and DH are disabled then we may still be able to use TLSv1.3 if we have groups that have been plugged in by an external provider. Fixes #13767 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13916)
show more ...
|
Revision tags: openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e |
|
#
aba03ae5 |
| 02-Jan-2020 |
Kurt Roeckx |
Reduce the security bits for MD5 and SHA1 based signatures in TLS This has as effect that SHA1 and MD5+SHA1 are no longer supported at security level 1, and that TLS < 1.2 is no longer s
Reduce the security bits for MD5 and SHA1 based signatures in TLS This has as effect that SHA1 and MD5+SHA1 are no longer supported at security level 1, and that TLS < 1.2 is no longer supported at the default security level of 1, and that you need to set the security level to 0 to use TLS < 1.2. Reviewed-by: Tim Hudson <tjh@openssl.org> GH: #10787
show more ...
|
#
526f1f1a |
| 23-Feb-2020 |
Kurt Roeckx |
Fix syntax of cipher string Reviewed-by: Tim Hudson <tjh@openssl.org> GH: #10787
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|
#
3656c08a |
| 10-Apr-2020 |
Benjamin Kaduk |
Add test for CVE-2020-1967 Add to test_sslsigalgs a TLSProxy test that injects a "signature_algorithms_cert" extension that contains an unallocated codepoint. The test curre
Add test for CVE-2020-1967 Add to test_sslsigalgs a TLSProxy test that injects a "signature_algorithms_cert" extension that contains an unallocated codepoint. The test currently fails, since s_server segfaults instead of ignoring the unrecognized value. Since "signature_algorithms" and "signature_algorithms_cert" are very similar, also add the analogous test for "signature_algorithms". Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
#
b0031e5d |
| 02-Jan-2020 |
Kurt Roeckx |
Check that the default signature type is allowed TLS < 1.2 has fixed signature algorithms: MD5+SHA1 for RSA and SHA1 for the others. TLS 1.2 sends a list of supported ciphers, but allows
Check that the default signature type is allowed TLS < 1.2 has fixed signature algorithms: MD5+SHA1 for RSA and SHA1 for the others. TLS 1.2 sends a list of supported ciphers, but allows not sending it in which case SHA1 is used. TLS 1.3 makes sending the list mandatory. When we didn't receive a list from the client, we always used the defaults without checking that they are allowed by the configuration. Reviewed-by: Paul Dale <paul.dale@oracle.com> GH: #10784
show more ...
|
Revision tags: OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
#
909f1a2e |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in test/ Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7767)
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i |
|
#
9e6a3202 |
| 17-Jul-2018 |
Matt Caswell |
Add a test for mismatch between key OID and sig alg Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6732)
|
Revision tags: OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2 |
|
#
f865b081 |
| 16-Feb-2018 |
Matt Caswell |
Split configuration of TLSv1.3 ciphers from older ciphers With the current mechanism, old cipher strings that used to work in 1.1.0, may inadvertently disable all TLSv1.3 ciphersuites ca
Split configuration of TLSv1.3 ciphers from older ciphers With the current mechanism, old cipher strings that used to work in 1.1.0, may inadvertently disable all TLSv1.3 ciphersuites causing connections to fail. This is confusing for users. In reality TLSv1.3 are quite different to older ciphers. They are much simpler and there are only a small number of them so, arguably, they don't need the same level of control that the older ciphers have. This change splits the configuration of TLSv1.3 ciphers from older ones. By default the TLSv1.3 ciphers are on, so you cannot inadvertently disable them through your existing config. Fixes #5359 Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5392)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre1 |
|
#
6738bf14 |
| 13-Feb-2018 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org>
|
#
c423ecaa |
| 09-Feb-2018 |
Matt Caswell |
Fixes for no-tls1_2 and no-tls1_2-method The no-tls1_2 option does not work properly in conjunction with TLSv1.3 being enabled (which is now the default). This commit fixes the issues.
Fixes for no-tls1_2 and no-tls1_2-method The no-tls1_2 option does not work properly in conjunction with TLSv1.3 being enabled (which is now the default). This commit fixes the issues. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5301)
show more ...
|
#
cf8e9233 |
| 26-Jan-2018 |
Benjamin Kaduk |
Catch some more old sigalg names in comments Make the sigalg name in comments reflect one that actually exists in the draft standard. Reviewed-by: Matt Caswell <matt@openssl.org
Catch some more old sigalg names in comments Make the sigalg name in comments reflect one that actually exists in the draft standard. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5174)
show more ...
|
#
3e524bf2 |
| 24-Jan-2018 |
Benjamin Kaduk |
Add TLSProxy tests for signature_algorithms_cert We don't need to send this extension in normal operation since we are our own X.509 library, but add some test cases that force the e
Add TLSProxy tests for signature_algorithms_cert We don't need to send this extension in normal operation since we are our own X.509 library, but add some test cases that force the extension to be sent and exercise our code to process the extension. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5068)
show more ...
|
#
f55e99f7 |
| 11-Jan-2018 |
Benjamin Kaduk |
Add TLS 1.3 draft-23 PSS signature algorithms We now have a split in the signature algorithms codepoint space for whether the certificate's key is for rsaEncryption or a PSS-specific
Add TLS 1.3 draft-23 PSS signature algorithms We now have a split in the signature algorithms codepoint space for whether the certificate's key is for rsaEncryption or a PSS-specific key, which should let us get rid of some special-casing that we previously needed to try to coax rsaEncryption keys into performing PSS. (This will be done in a subsequent commit.) Send the new PSS-with-PSS-specific key first in our list, so that we prefer the new technology to the old one. We need to update the expected certificate type in one test, since the "RSA-PSS+SHA256" form now corresponds to a public key of type rsaEncryption, so we should expect the server certificate type to be just "RSA". If we want to get a server certificate type of "RSA-PSS", we need to use a new signature algorithm that cannot be represented as signature+hash, so add a test for that as well. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5068)
show more ...
|
#
c5856878 |
| 17-Jan-2018 |
Richard Levitte |
Enable TLSProxy tests on Windows Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5094)
|
Revision tags: OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g, OpenSSL_1_0_2l, OpenSSL_1_1_0f |
|
#
05594f4a |
| 26-Apr-2017 |
Benjamin Kaduk |
Add tests for deprecated sigalgs with TLS 1.3 ClientHellos Test for each of DSA, SHA1, and SHA224. Use the symbolic names for SignatureScheme comparisons just added. Review
Add tests for deprecated sigalgs with TLS 1.3 ClientHellos Test for each of DSA, SHA1, and SHA224. Use the symbolic names for SignatureScheme comparisons just added. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3326)
show more ...
|
Revision tags: OpenSSL-fips-2_0_16 |
|
#
0e1e4045 |
| 05-Apr-2017 |
Benjamin Kaduk |
TLS 1.3 client sigalgs test no longer needs TLS 1.2 Per the TODO comment, we now have proper certificate selection for TLS 1.3 client certificates, so this test can move into its own
TLS 1.3 client sigalgs test no longer needs TLS 1.2 Per the TODO comment, we now have proper certificate selection for TLS 1.3 client certificates, so this test can move into its own block. (It cannot merge with the previous block, as it requires EC.) Verified that the test passes when configured with enable-tls1_3 no-tls1 no-tls1_1 no-tls1_2. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3131)
show more ...
|
#
e498d954 |
| 06-Mar-2017 |
Matt Caswell |
Fix no-ec Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2858)
|
#
d7345822 |
| 03-Mar-2017 |
Bernd Edlinger |
Reset executable bits on files where not needed. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/opens
Reset executable bits on files where not needed. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2835)
show more ...
|
#
faadddc9 |
| 19-Feb-2017 |
Dr. Stephen Henson |
Add no siglags test for ECDSA certificate Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2679)
|
Revision tags: OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d |
|
#
5eeb6c6e |
| 10-Jan-2017 |
Matt Caswell |
Fix no-ec following sigalgs refactor Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2157)
|
#
cd61b55f |
| 03-Jan-2017 |
Matt Caswell |
Add a sigalg test to check we only allow sigalgs we sent Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2157)
|
#
fe3066ee |
| 03-Jan-2017 |
Matt Caswell |
Extend PSS signature support to TLSv1.2 TLSv1.3 introduces PSS based sigalgs. Offering these in a TLSv1.3 client implies that the client is prepared to accept these sigalgs even in T
Extend PSS signature support to TLSv1.2 TLSv1.3 introduces PSS based sigalgs. Offering these in a TLSv1.3 client implies that the client is prepared to accept these sigalgs even in TLSv1.2. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2157)
show more ...
|